allow the user to login but do not allow upload and show error message on the web

This commit is contained in:
Florin Peter 2013-05-31 15:57:18 +02:00
parent 2e3bfdb12c
commit e9d1ea712c
3 changed files with 26 additions and 7 deletions

View File

@ -28,9 +28,10 @@ if (OCP\User::isLoggedIn()) {
$view = new OC_FilesystemView('/'); $view = new OC_FilesystemView('/');
$session = new \OCA\Encryption\Session($view); $session = new \OCA\Encryption\Session($view);
$user = \OCP\USER::getUser();
// check if user has a private key // check if user has a private key
if ( if (
!$session->getPrivateKey(\OCP\USER::getUser()) !$view->file_exists('/' . $user . '/files_encryption/' . $user . '.private.key')
&& OCA\Encryption\Crypt::mode() === 'server' && OCA\Encryption\Crypt::mode() === 'server'
) { ) {

View File

@ -62,13 +62,13 @@ class Hooks {
if(is_resource($res)) { if(is_resource($res)) {
$sslInfo = openssl_pkey_get_details($res); $sslInfo = openssl_pkey_get_details($res);
if(!isset($sslInfo['key'])) { if(!isset($sslInfo['key'])) {
$privateKey = null; $privateKey = false;
} }
} else { } else {
$privateKey = null; $privateKey = false;
} }
if($privateKey === null) { if($privateKey === false) {
\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $params['uid'] . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR); \OCP\Util::writeLog('Encryption library', 'Private key for user "' . $params['uid'] . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR);
} }

View File

@ -236,7 +236,11 @@ class Stream {
// if there is no valid private key return false // if there is no valid private key return false
if($privateKey === false) { if($privateKey === false) {
\OCP\Util::writeLog('Encryption library', 'Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access', \OCP\Util::ERROR); if(\OC_Util::isCallRegistered()) {
$l = \OC_L10N::get('core');
\OCP\JSON::error(array('data' => array('message' => $l->t('Private key is not valid! Maybe the user password was changed from outside if so please change it back to gain access'))));
throw new \Exception('Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access');
}
return false; return false;
} }
@ -433,6 +437,22 @@ class Stream {
$this->flush(); $this->flush();
$view = new \OC_FilesystemView('/');
$session = new \OCA\Encryption\Session( $this->rootView );
$privateKey = $session->getPrivateKey($this->userId);
// if there is no valid private key return false
if($privateKey === false) {
if(\OC_Util::isCallRegistered()) {
$l = \OC_L10N::get('core');
\OCP\JSON::error(array('data' => array('message' => $l->t('Private key is not valid! Maybe the user password was changed from outside if so please change it back to gain access'))));
throw new \Exception('Private key for user "' . $this->userId . '" is not valid! Maybe the user password was changed from outside if so please change it back to gain access');
}
return false;
}
if ( if (
$this->meta['mode'] !== 'r' $this->meta['mode'] !== 'r'
and $this->meta['mode'] !== 'rb' and $this->meta['mode'] !== 'rb'
@ -459,8 +479,6 @@ class Stream {
// Encrypt enc key for all sharing users // Encrypt enc key for all sharing users
$this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys); $this->encKeyfiles = Crypt::multiKeyEncrypt($this->plainKey, $publicKeys);
$view = new \OC_FilesystemView('/');
// Save the new encrypted file key // Save the new encrypted file key
Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']); Keymanager::setFileKey($this->rootView, $this->relPath, $this->userId, $this->encKeyfiles['data']);